nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

test: tighten channel auth and network coverage

This commit is contained in:
Peter Steinberger 2026-03-13 18:06:39 +00:00
parent 572df97179
commit 8f4e77e72f
2 changed files with 172 additions and 135 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

124
src/line/accounts.test.ts
View File

@ -12,6 +12,15 @@ import {
describe("LINE accounts", () => {
const originalEnv = { ...process.env };
const tempDirs: string[] = [];
const createSecretFile = (fileName: string, contents: string) => {
const dir = fs.mkdtempSync(path.join(os.tmpdir(), "openclaw-line-account-"));
tempDirs.push(dir);
const filePath = path.join(dir, fileName);
fs.writeFileSync(filePath, contents, "utf8");
return filePath;
};
beforeEach(() => {
process.env = { ...originalEnv };
@ -21,6 +30,9 @@ describe("LINE accounts", () => {
afterEach(() => {
process.env = originalEnv;
for (const dir of tempDirs.splice(0)) {
fs.rmSync(dir, { recursive: true, force: true });
}
});
describe("resolveLineAccount", () => {
@ -101,8 +113,47 @@ describe("LINE accounts", () => {
expect(account.tokenSource).toBe("none");
});
it("resolves default account credentials from files", () => {
const cfg: OpenClawConfig = {
channels: {
line: {
tokenFile: createSecretFile("token.txt", "file-token\n"),
secretFile: createSecretFile("secret.txt", "file-secret\n"),
},
},
};
const account = resolveLineAccount({ cfg });
expect(account.channelAccessToken).toBe("file-token");
expect(account.channelSecret).toBe("file-secret");
expect(account.tokenSource).toBe("file");
});
it("resolves named account credentials from account-level files", () => {
const cfg: OpenClawConfig = {
channels: {
line: {
accounts: {
business: {
tokenFile: createSecretFile("business-token.txt", "business-file-token\n"),
secretFile: createSecretFile("business-secret.txt", "business-file-secret\n"),
},
},
},
},
};
const account = resolveLineAccount({ cfg, accountId: "business" });
expect(account.channelAccessToken).toBe("business-file-token");
expect(account.channelSecret).toBe("business-file-secret");
expect(account.tokenSource).toBe("file");
});
it.runIf(process.platform !== "win32")("rejects symlinked token and secret files", () => {
const dir = fs.mkdtempSync(path.join(os.tmpdir(), "openclaw-line-account-"));
tempDirs.push(dir);
const tokenFile = path.join(dir, "token.txt");
const tokenLink = path.join(dir, "token-link.txt");
const secretFile = path.join(dir, "secret.txt");
@ -125,13 +176,14 @@ describe("LINE accounts", () => {
expect(account.channelAccessToken).toBe("");
expect(account.channelSecret).toBe("");
expect(account.tokenSource).toBe("none");
fs.rmSync(dir, { recursive: true, force: true });
});
});
describe("resolveDefaultLineAccountId", () => {
it("prefers channels.line.defaultAccount when configured", () => {
const cfg: OpenClawConfig = {
it.each([
{
name: "prefers channels.line.defaultAccount when configured",
cfg: {
channels: {
line: {
defaultAccount: "business",
@ -141,14 +193,12 @@ describe("LINE accounts", () => {
},
},
},
};
const id = resolveDefaultLineAccountId(cfg);
expect(id).toBe("business");
});
it("normalizes channels.line.defaultAccount before lookup", () => {
const cfg: OpenClawConfig = {
} satisfies OpenClawConfig,
expected: "business",
},
{
name: "normalizes channels.line.defaultAccount before lookup",
cfg: {
channels: {
line: {
defaultAccount: "Business Ops",
@ -157,14 +207,12 @@ describe("LINE accounts", () => {
},
},
},
};
const id = resolveDefaultLineAccountId(cfg);
expect(id).toBe("business-ops");
});
it("returns first named account when default not configured", () => {
const cfg: OpenClawConfig = {
} satisfies OpenClawConfig,
expected: "business-ops",
},
{
name: "returns first named account when default not configured",
cfg: {
channels: {
line: {
accounts: {
@ -172,15 +220,12 @@ describe("LINE accounts", () => {
},
},
},
};
const id = resolveDefaultLineAccountId(cfg);
expect(id).toBe("business");
});
it("falls back when channels.line.defaultAccount is missing", () => {
const cfg: OpenClawConfig = {
} satisfies OpenClawConfig,
expected: "business",
},
{
name: "falls back when channels.line.defaultAccount is missing",
cfg: {
channels: {
line: {
defaultAccount: "missing",
@ -189,10 +234,25 @@ describe("LINE accounts", () => {
},
},
},
};
const id = resolveDefaultLineAccountId(cfg);
expect(id).toBe("business");
} satisfies OpenClawConfig,
expected: "business",
},
{
name: "prefers the default account when base credentials are configured",
cfg: {
channels: {
line: {
channelAccessToken: "base-token",
accounts: {
business: { enabled: true },
},
},
},
} satisfies OpenClawConfig,
expected: DEFAULT_ACCOUNT_ID,
},
])("$name", ({ cfg, expected }) => {
expect(resolveDefaultLineAccountId(cfg)).toBe(expected);
});
});

135
src/telegram/network-errors.test.ts
View File

@ -9,6 +9,11 @@ import {
tagTelegramNetworkError,
} from "./network-errors.js";
const errorWithCode = (message: string, code: string) =>
Object.assign(new Error(message), { code });
const errorWithTelegramCode = (message: string, error_code: number) =>
Object.assign(new Error(message), { error_code });
describe("isRecoverableTelegramNetworkError", () => {
it("tracks Telegram polling origin separately from generic network matching", () => {
const slackDnsError = Object.assign(
@ -32,16 +37,12 @@ describe("isRecoverableTelegramNetworkError", () => {
expect(isTelegramPollingNetworkError(slackDnsError)).toBe(true);
});
it("detects recoverable error codes", () => {
const err = Object.assign(new Error("timeout"), { code: "ETIMEDOUT" });
expect(isRecoverableTelegramNetworkError(err)).toBe(true);
});
it("detects additional recoverable error codes", () => {
const aborted = Object.assign(new Error("aborted"), { code: "ECONNABORTED" });
const network = Object.assign(new Error("network"), { code: "ERR_NETWORK" });
expect(isRecoverableTelegramNetworkError(aborted)).toBe(true);
expect(isRecoverableTelegramNetworkError(network)).toBe(true);
it.each([
["ETIMEDOUT", "timeout"],
["ECONNABORTED", "aborted"],
["ERR_NETWORK", "network"],
])("detects recoverable error code %s", (code, message) => {
expect(isRecoverableTelegramNetworkError(errorWithCode(message, code))).toBe(true);
});
it("detects AbortError names", () => {
@ -69,6 +70,19 @@ describe("isRecoverableTelegramNetworkError", () => {
expect(isRecoverableTelegramNetworkError(err, { context: "polling" })).toBe(true);
});
it("honors allowMessageMatch=false for broad snippet matches", () => {
expect(
isRecoverableTelegramNetworkError(new Error("Undici: socket failure"), {
allowMessageMatch: false,
}),
).toBe(false);
expect(
isRecoverableTelegramNetworkError(new Error("TypeError: fetch failed"), {
allowMessageMatch: false,
}),
).toBe(true);
});
it("skips broad message matches for send context", () => {
const networkRequestErr = new Error("Network request for 'sendMessage' failed!");
expect(isRecoverableTelegramNetworkError(networkRequestErr, { context: "send" })).toBe(false);
@ -97,6 +111,14 @@ describe("isRecoverableTelegramNetworkError", () => {
expect(isRecoverableTelegramNetworkError(err)).toBe(true);
});
it("normalizes blank tagged origins to null and finds nested tags", () => {
const inner = new Error("inner");
tagTelegramNetworkError(inner, { method: " ", url: " " });
const outer = Object.assign(new Error("outer"), { cause: inner });
expect(getTelegramNetworkErrorOrigin(outer)).toEqual({ method: null, url: null });
expect(isTelegramPollingNetworkError(outer)).toBe(false);
});
// Grammy HttpError tests (issue #3815)
// Grammy wraps fetch errors in .error property, not .cause
describe("Grammy HttpError", () => {
@ -138,49 +160,18 @@ describe("isRecoverableTelegramNetworkError", () => {
});
describe("isSafeToRetrySendError", () => {
it("allows retry for ECONNREFUSED (pre-connect, message not sent)", () => {
const err = Object.assign(new Error("connect ECONNREFUSED"), { code: "ECONNREFUSED" });
expect(isSafeToRetrySendError(err)).toBe(true);
});
it("allows retry for ENOTFOUND (DNS failure, message not sent)", () => {
const err = Object.assign(new Error("getaddrinfo ENOTFOUND"), { code: "ENOTFOUND" });
expect(isSafeToRetrySendError(err)).toBe(true);
});
it("allows retry for EAI_AGAIN (transient DNS, message not sent)", () => {
const err = Object.assign(new Error("getaddrinfo EAI_AGAIN"), { code: "EAI_AGAIN" });
expect(isSafeToRetrySendError(err)).toBe(true);
});
it("allows retry for ENETUNREACH (no route to host, message not sent)", () => {
const err = Object.assign(new Error("connect ENETUNREACH"), { code: "ENETUNREACH" });
expect(isSafeToRetrySendError(err)).toBe(true);
});
it("allows retry for EHOSTUNREACH (host unreachable, message not sent)", () => {
const err = Object.assign(new Error("connect EHOSTUNREACH"), { code: "EHOSTUNREACH" });
expect(isSafeToRetrySendError(err)).toBe(true);
});
it("does NOT allow retry for ECONNRESET (message may already be delivered)", () => {
const err = Object.assign(new Error("read ECONNRESET"), { code: "ECONNRESET" });
expect(isSafeToRetrySendError(err)).toBe(false);
});
it("does NOT allow retry for ETIMEDOUT (message may already be delivered)", () => {
const err = Object.assign(new Error("connect ETIMEDOUT"), { code: "ETIMEDOUT" });
expect(isSafeToRetrySendError(err)).toBe(false);
});
it("does NOT allow retry for EPIPE (connection broken mid-transfer, message may be delivered)", () => {
const err = Object.assign(new Error("write EPIPE"), { code: "EPIPE" });
expect(isSafeToRetrySendError(err)).toBe(false);
});
it("does NOT allow retry for UND_ERR_CONNECT_TIMEOUT (ambiguous timing)", () => {
const err = Object.assign(new Error("connect timeout"), { code: "UND_ERR_CONNECT_TIMEOUT" });
expect(isSafeToRetrySendError(err)).toBe(false);
it.each([
["ECONNREFUSED", "connect ECONNREFUSED", true],
["ENOTFOUND", "getaddrinfo ENOTFOUND", true],
["EAI_AGAIN", "getaddrinfo EAI_AGAIN", true],
["ENETUNREACH", "connect ENETUNREACH", true],
["EHOSTUNREACH", "connect EHOSTUNREACH", true],
["ECONNRESET", "read ECONNRESET", false],
["ETIMEDOUT", "connect ETIMEDOUT", false],
["EPIPE", "write EPIPE", false],
["UND_ERR_CONNECT_TIMEOUT", "connect timeout", false],
])("returns %s => %s", (code, message, expected) => {
expect(isSafeToRetrySendError(errorWithCode(message, code))).toBe(expected);
});
it("does NOT allow retry for non-network errors", () => {
@ -196,19 +187,12 @@ describe("isSafeToRetrySendError", () => {
});
describe("isTelegramServerError", () => {
it("returns true for error_code 500", () => {
const err = Object.assign(new Error("Internal Server Error"), { error_code: 500 });
expect(isTelegramServerError(err)).toBe(true);
});
it("returns true for error_code 502", () => {
const err = Object.assign(new Error("Bad Gateway"), { error_code: 502 });
expect(isTelegramServerError(err)).toBe(true);
});
it("returns false for error_code 403", () => {
const err = Object.assign(new Error("Forbidden"), { error_code: 403 });
expect(isTelegramServerError(err)).toBe(false);
it.each([
["Internal Server Error", 500, true],
["Bad Gateway", 502, true],
["Forbidden", 403, false],
])("returns %s for error_code %s", (message, errorCode, expected) => {
expect(isTelegramServerError(errorWithTelegramCode(message, errorCode))).toBe(expected);
});
it("returns false for plain Error", () => {
@ -217,19 +201,12 @@ describe("isTelegramServerError", () => {
});
describe("isTelegramClientRejection", () => {
it("returns true for error_code 400", () => {
const err = Object.assign(new Error("Bad Request"), { error_code: 400 });
expect(isTelegramClientRejection(err)).toBe(true);
});
it("returns true for error_code 403", () => {
const err = Object.assign(new Error("Forbidden"), { error_code: 403 });
expect(isTelegramClientRejection(err)).toBe(true);
});
it("returns false for error_code 502", () => {
const err = Object.assign(new Error("Bad Gateway"), { error_code: 502 });
expect(isTelegramClientRejection(err)).toBe(false);
it.each([
["Bad Request", 400, true],
["Forbidden", 403, true],
["Bad Gateway", 502, false],
])("returns %s for error_code %s", (message, errorCode, expected) => {
expect(isTelegramClientRejection(errorWithTelegramCode(message, errorCode))).toBe(expected);
});
it("returns false for plain Error", () => {